If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

imho it is a *very bad idea* to discount the script kid O's. A real hacker may root your box and have a look around or whatever. Script Kiddies are a lot more likely to rm -rf your box or other general mean things. Besides the world is full of lamers and kiddies, and that is reasson enough for me to take their actions/attempts seriously.

Petemcevoy said:
There is a chance that i'm being presumptous about your intellectual high ground - i'm in a stinkin mood - if i'm wrong - i apologise.

No apology needed, and no, I wasn't being condescending. It was an honest question, I'm honestly curious as to how other people approach the subject.

psi0nic said:
imho it is a *very bad idea* to discount the script kid O's. A real hacker may root your box and have a look around or whatever. Script Kiddies are a lot more likely to rm -rf your box or other general mean things. Besides the world is full of lamers and kiddies, and that is reasson enough for me to take their actions/attempts seriously.

Don't get me wrong, I'm not discounting them. Indeed, my firewalls rules are set up in a very similar way when it comes to pings, blatant portscans, etc.. I agree that they represent a major percentage (probably 80-90%) of all malicious traffic on the web, and that that alone is why you should do what you can to stop them.

The real question I'm asking here is does drop/deny do anything more than reject does?

I mean, to a point I think a script kiddie would see a drop/deny response and think nothing's there, but a real cracker/hacker could tell that there's a PC there based on the response (or lack thereof).

REJECT, on the other hand, will tell you that there's definitely a PC there, but that the port isn't open.

From a strict networking point of view, it's better to simply reject packets than to drop/deny them, but drop/deny will delay a portscan.

It's a fairly trade-offish issue, which is why I'm curious as to what you guys think.

Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?